from xadmin.model import *

class XAuthentication(object):
    def __init__(self, request):
        self.request=request
        
    def verify(self):
        if not self.request.headers.has_key('Authorization') or not self.request.headers.has_key('User'):
            return False

        username = self.request.headers['User']
        user = Session.query(User).filter_by(username=username).first()
        if user is None:
            return False
        else:
            raw = '%s:%s' % (user.username, user.password)
            auth_header = 'Basic ' + raw.encode('base64').strip()
            if not auth_header == self.request.headers['Authorization']:
                return False         
        return True